According to a survey conducted by analyst firm Statista GmbH, 44 percent of German companies have moved their business to the cloud. During the last couple of years, many cloud providers have developed different applications and the upward trend will remain steady. Our development-team from Sweden designed the business software Fortnox already in 2001, so we can confirm that the trend of moving businesses to the cloud is an upward trend. Especially, the future development is crucial because the requirements for cloud providers are growing continuously. Plenty of new suppliers are entering the cloud market every day, so the competition is increasingly high. Providers of cloud solutions have to stand out with new and innovative products otherwise they will leave the cloud market as fast as they entered it.
Univention integrated Dovecot as new default IMAP/POP3 mail server in UCS. This article gives a first overview about this integration.
Why Dovecot as default IMAP/POP3 server in UCS?
Dovecot has a focus on security, stability and performance, while complying with established standards. Similarly to Postfix Dovecot starts a couple of separate processes for different tasks. The processes can be run with different owner and group permissions to limit the impact of a security incident.
Dovecot supports several backend storage formats: mbox, Maildir and dbox. In each case it uses indices to increase access performance. Their self healing and self optimizing features reduce tedious administrative intervention and simplify backups.
Here at Univention, we are of course also concerned by the attack on the German parliament’s IT infrastructure, better known as the “Bundestag hack”. To recap: It appears that there were some bogus e-mails there including links to malware. A number of the Windows PCs in the Bundestag’s “Parlakom” network were or may still be infected with the malware, which is alleged to have searched for and copied certain confidential Word documents. According to a report in the Tagesspiegel (German) newspaper, this allowed the hackers to gain “administration rights for the infrastructure”. The attack was conducted as an “advanced persistent threat” or “APT attack” for short: in other words, a complex, multi-phase attack on the German parliament’s “Parlakom” IT network.
How IT systems can be taken over
There are a whole host of “classic” approaches for taking over IT systems, such as the exploitation of security vulnerabilities in the software, the interception or guessing of passwords (brute force attacks) and the cracking of password hashes. These methods are well known and it is comparatively simple to reduce the risk of such attacks’ being successful. The requisite measures are: regular, comprehensive and rapid installation of updates, encryption of sensitive data and network communication using state-of-the-art encryption standards, the use of sufficiently long passwords, logging of failed login attempts and blocking of user accounts with too many failed attempts, the use of salted password hashes (the salt converts two identical passwords into different hashes), iteration of the hash functions (rounds) and changing passwords regularly.
As manager of Univention North America, I often find myself working on the go. While free WiFi and mobile Internet are slowly bridging the gap between the office, airport lounges and hotels, connections are often slow and congested whenever many people are congregating.
While many office documents can still be worked on when on the go, synchronization with the office and collaboration with coworkers are still difficult, especially, if you have to consider questions like data and transmission security, including secure access to the company network, travel across time zones or, oh horror, the date line and slow connections.
Of course, travel needs are not the only reason, why you would want to look at these applications, for synchronization and collaboration can also greatly benefit teams that work at multiple locations or colleagues frequently working from home. In the end, nothing is worse than finding out that an employee has uploaded much of the companies confidential knowledge base to a cloud service, because tablets, smart phones or collaborations are words that the IT office can’t be bothered with.
Identity management (IdM) in essence refers to the management or administration of individual identities within a system, such as a company or network.
Within the corporate world, ID management refers more specifically to providing IT managers with a centralised administrative system (Identity Management System – IdMS) where company users and permission restrictions to applications such as ERP, CRM, e-mail client etc etc can be grouped together and managed collectively. The principle objective behind IdM is to improve security and protection for sensitive company data and systems, whilst simultaneously improving productivity as well as reducing costs, downtime and repetitive time consuming tasks. 
Example Set Up
What makes Identity Management Systems such as Univention Corporate Server (UCS) so useful is that they can be integrated into a whole host of systems including for example corporate phone systems like pascom’s mobydick VoIP Communications Solution as illustrated by the following video.
It’s not just in our working lives that digitalisation is constantly gaining ground; the number of digital devices we use at home is also increasing on a daily basis. A family of four or a shared flat can easily boast a formidable number of different devices and applications. It gets even more interesting when friends come to visit and want to play a movie on your television or use your printer. And it gets downright complicated if all these digital devices have to interact with each other too! In such cases, the requirements are often hardly any different from those of a small company, and the need for more comprehensive functions soon arises.
Many people already have a small home server at home, even if they don’t realise it. Boxes like QNAP, Synology and the like are often used for central file storage and as media servers, and these little boxes can really do much more than you’d think. So why not tap the existing potential?
When I started at Univention’s Professional Services in Germany, one of the questions I was asked was “Where do you see yourself in 5 years?”. Being prepared for the interview, my answer was a mixture of showing my idea of working with customers, my understanding of the technologies of UCS as well as my personal goals and dreams. Looking back to my answers in our HR folder, I have to admit that life has taken many turns that I didn’t plan for. Today, I’m no longer working in Professional Services. For a bit over a year, I’ve been Univention’s North American Operations dealing not only with technical projects but also with Sales, PR and Management as a whole.
What better chance is there to look back at the challenges and opportunities our move to the US has presented to us at Univention. I will look at the problems we could solve for our customers, the technical challenges UCS has mastered and how it changes us as a company when striving for perfection. For this reason, I’m happy to introduce this short series of blog posts looking back at the past and giving an outlook into the future:
The latest update for the Zarafa app in the Univention App Center – to version 7.1.12 – is significant not just for Zarafa itself but also for UCS integration: the update brings you up to version 2 of the Zarafa Web app and allows the app to be installed on a UCS member server. One significant improvement is a dedicated module in the UCS management system for managing Zarafa contacts and Zarafa shared stores.
Even today, the general consensus still stubbornly persists that Open Source software is developed by ponytailed computer geeks as a hobby in the middle of the night. It’s admittedly a very romantic notion, but one which only reflects the reality to a certain extent.
The Linux Foundation recently published a very interesting document on who actually contributes to the Linux kernel. Since 2005, some 11,800 individual developers from around 1,200 different companies have contributed to the Linux kernel. The fact that recently at least 88.2% of the improvements came from people who are also paid for this work – a growing trend – is proof that more and more IT professionals are also working on Linux.
Blue skies, red sunset and a training room overlooking lake Washington. In this setting, the first UCS Training in the United States ended in Kirkland, WA, a Seattle suburb. Despite the initial challenge of offering training courses around the world, Univention North America welcomed the first participants to learn about the finer details of operating a domain based on Univention Corporate Server.
Problems of connecting to the various Amazon Cloud images were quickly solved and soon the participants and me, as their trainer, went into discussing the various questions from either the training or their production sides.
The advanced level of the participants quickly allowed for an in-depth look at more advanced topics such as Samba debugging and changing UMC templates, allowing both the participants and us as Univention to take home new insides into UCS as a product and the skills needed to run bigger domains.
Vijay Sankar, ForeTell Technologies Limited:
“Thanks again for your excellent class and for patiently answering all
sorts of questions.”